CIRCE
A tool that uses cyber-psychological tactics to
exploit human vulnerabilities in cyber attackers
A tool that uses cyber-psychological tactics to exploit human vulnerabilities in cyber attackers
Context-driven Interventions through Reasoning about Cyberpsychology Exploitation (CIRCE)
CIRCE is a multi-faceted approach that focuses on human behavior. CIRCE is being fueled by a contract from the Intelligence Advanced Research Projects Activity (IARPA). The project is part of IARPA’s ReSCIND program, which aims to develop a new set of cyberpsychology-informed defenses that take advantage of attacker’s limitations, such as decision-making biases and cognitive vulnerabilities.
Sean Guarino
Principal Scientist and Principal Investigator on CIRCE
Phishing emails use social engineering to exploit human vulnerabilities and execute large-scale attacks through a single weak link. Researchers at Charles River Analytics are turning the tables, using similar principles against attackers.
Most cybersecurity methods involve analyzing tools and methods and fortifying existing defenses. While these techniques have their merits, they miss accounting for perhaps the weakest link in the equation: the constraints on the human adversary.
Today, cyber defenses try to understand what kinds of tools adversaries are using. Considerable effort is spent assessing whether an adversary is on a network and, if so, how they got on. But there’s very little work focused on exploiting the human executing the attack.
Part of the strategy involves misleading human attackers to believe something about the attack surface or defenses that’s not true. For example, if the name of an entry port signals administrative authority, attackers might target it selectively to gain network access, and once they do so, their behavior can be steered in specific ways.
Dr. Spencer Lynn
Senior Scientist and Modeling Lead on CIRCE
CIRCE is in Phase 1 of the research to explore the possibilities of such OHF-driven manipulation. It focuses on characterizing and experimentally validating attacker cognitive vulnerabilities.
“There is a strong commercialization opportunity to develop these into tools that can be inserted into a wide range of different defensive environments,” Guarino says.
CIRCE is a psychology-based method that holds plenty of promise, Guarino adds. “Keeping up with technology can be a losing battle because cyber threats move so fast. The human in the attack is the most exploitable point in the attack chain. If we can define good ways to exploit human vulnerabilities, these methods will provide much more effective cyber defense for the long term.”
Contact us to learn more about CIRCE and our other capabilities in cybersecurity and human-centric AI capabilities.
This research is based upon work supported in part by the Office of the Director of National Intelligence (ODNI), Intelligence Advanced Research Projects Activity (IARPA), via N66001‑24‑C‑4501. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of ODNI, IARPA, or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for governmental purposes notwithstanding any copyright annotation therein.
